|
Windows Seven com problemas teclado - RESOLVIDO
|
|
20-10-2011, 13:27
Mensagem: #17
|
|||
|
|||
|
RE: Windows Seven com problemas teclado - RESOLVIDO
Ha alguma forma de colocar aqui o ficheiro log sem ser colar o texto?
vou colar entao o texto aqui do log, aguardando q me possam ajudar. entretanto tambem experimentei o spyware doctor(trial) que identificou ameaças e infecçoes mas para as corrigir teria de ter licença (paga). ComboFix 11-10-19.04 - nuno 20-10-2011 10:52:10.1.1 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.351.1033.18.2047.1498 [GMT 1:00] Executando de: c:\documents and settings\nuno\Desktop\ComboFix.exe * AV residente está ativo . . . ((((((((((((((((((((((((((((((((((((( Outras Exclusões ))))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\documents and settings\nuno\Recent\result_2008.mat c:\program files\gar2005.exe c:\program files\installer-46811-847-XP-Codec-Pack-Portuguese.exe c:\program files\messenger\msmsgsin.exe c:\program files\msn\msncorefiles\custdial.dll c:\program files\msn\msncorefiles\logonmgr.dll C:\start.bat c:\windows\dasetup.log c:\windows\Help\svhost.txt c:\windows\sysedir.dat c:\windows\system32\d3d9caps.dat c:\windows\system32\WinSys.exe . . (((((((((((((((( Arquivos/Ficheiros criados de 2011-09-20 to 2011-10-20 )))))))))))))))))))))))))))) . . 2011-10-19 15:37 . 2011-10-19 15:37 388096 ----a-r- c:\documents and settings\nuno\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2011-10-19 15:37 . 2011-10-19 15:37 -------- d-----w- c:\program files\Trend Micro . . . ((((((((((((((((((((((((((((((((((((( Relatório Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2007-05-31 13:51 . 2007-05-31 13:51 6010424 ----a-w- c:\program files\Firefox Setup 2.0.0.4.exe 2007-05-23 09:55 . 2007-05-23 09:51 18029424 ----a-w- c:\program files\Install_Messenger.exe 2007-04-20 16:27 . 2007-04-20 16:28 2863832 ----a-w- c:\program files\DeepBurner1.exe 2007-03-02 11:37 . 2007-03-02 11:33 14898028 ----a-w- c:\program files\FreePrimoPDF32Setup.exe 2006-06-01 10:42 . 2006-06-01 10:42 1591163 ----a-w- c:\program files\ConTEXTsetup.exe 2006-02-08 18:29 . 2006-02-08 18:29 36488456 ----a-w- c:\program files\iTunesSetup.exe 2006-02-01 14:28 . 2006-02-01 14:28 3976295 ----a-w- c:\program files\pix33be.exe 2006-02-01 14:18 . 2006-02-01 14:18 163840 ----a-w- c:\program files\colorfix.exe 2002-10-22 00:37 . 2005-10-14 14:12 4737900 ----a-w- c:\program files\Swish 2 + Keygen.exe 2011-10-19 13:46 . 2011-03-24 10:24 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . (((((((((((((((((((((((((( Pontos de Carregamento do Registro ))))))))))))))))))))))))))))))))))))))) . . *Nota* entradas vazias e legítimas por padrão não são apresentadas. REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2011-02-18 05:12 94208 ----a-w- c:\documents and settings\nuno\Application Data\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2011-02-18 05:12 94208 ----a-w- c:\documents and settings\nuno\Application Data\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2011-02-18 05:12 94208 ----a-w- c:\documents and settings\nuno\Application Data\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2011-02-18 05:12 94208 ----a-w- c:\documents and settings\nuno\Application Data\Dropbox\bin\DropboxExt.14.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2006-02-08 155648] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080] "OfficeSyncProcess"="f:\office14\MSOSYNC.EXE" [2010-03-16 718208] "{120556A7-04A2-D1D1-126D-73469C0D9C34}"="c:\documents and settings\nuno\Mocui\inity.exe" [2011-05-28 114176] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SoftPerfect Personal Firewall"="c:\program files\SoftPerfect Personal Firewall\fw.exe" [2004-10-08 1314816] "msnappau"="c:\program files\MSN Apps\Updater\01.02.3000.1001\pt-pt\msnappau.exe" [2004-08-13 86016] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2006-02-08 155648] "ShStatEXE"="c:\program files\Network Associates\VirusScan\SHSTAT.EXE" [2004-09-22 94208] "McAfeeUpdaterUI"="c:\program files\Network Associates\Common Framework\UpdaterUI.exe" [2005-12-07 131072] "Network Associates Error Reporting Service"="c:\program files\Common Files\Network Associates\TalkBack\TBMon.exe" [2003-10-07 147514] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280] "BCSSync"="f:\office14\BCSSync.exe" [2010-03-13 91520] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "TSClientMSIUninstaller"="c:\windows\Installer\TSClientMsiTrans\tscuinst.vbs" [2007-10-30 13801] "TSClientAXDisabler"="c:\windows\Installer\TSClientMsiTrans\tscdsbl.bat" [2008-01-18 2247] . c:\documents and settings\nuno\Start Menu\Programs\Startup\ Dropbox.lnk - c:\documents and settings\nuno\Application Data\Dropbox\bin\Dropbox.exe [2011-5-25 24176560] . c:\documents and settings\All Users\Start Menu\Programs\Startup\ Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-4-23 29696] . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "c:\\Program Files\\OCS Inventory Agent\\OcsService.exe"= "c:\\WINDOWS\\system32\\sessmgr.exe"= "c:\\Program Files\\Network Associates\\Common Framework\\FrameworkService.exe"= "c:\\WINDOWS\\system32\\java.exe"= "c:\\Program Files\\Java\\jre1.6.0_03\\bin\\javaw.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Documents and Settings\\nuno\\Application Data\\Dropbox\\bin\\Dropbox.exe"= "c:\\Program Files\\Common Files\\SafeNet Sentinel\\Sentinel Protection Server\\WinNT\\spnsrvnt.exe"= "c:\\Program Files\\Common Files\\SafeNet Sentinel\\Sentinel Keys Server\\sntlkeyssrvr.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "f:\\Office14\\GROOVE.EXE"= "f:\\Office14\\ONENOTE.EXE"= "f:\\Office14\\OUTLOOK.EXE"= . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009 . R1 NaiAvTdi1;NaiAvTdi1;c:\windows\system32\drivers\mvstdi5x.sys [06-11-2006 17:00 58464] R2 OCS INVENTORY;OCS INVENTORY SERVICE;c:\program files\OCS Inventory Agent\OcsService.exe [01-08-2006 15:45 57344] R2 SentinelKeysServer;Sentinel Keys Server;c:\program files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [11-07-2008 2:02 328992] R2 SSIPDDP;SSIPDDP: Parallel port device driver;c:\windows\system32\drivers\SSIPDDP.SYS [04-11-2005 11:48 54784] S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;f:\office14\GROOVE.EXE [25-03-2010 10:25 30969208] S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [09-01-2010 21:37 4640000] . --- =Outros Serviços/Drivers Na Memória --- . *Deregistered* - SPFDRV . Conteúdo da pasta 'Tarefas Agendadas' . . ------- Scan Suplementar ------- . uStart Page = hxxp://bwrk.startya.com/?cfg=2-490-0-0&engine_id=3&provider_id=3&product_id=490&country=PT uInternet Settings,ProxyServer = proxy.inescn.pt:3128 IE: E&xport to Microsoft Excel - f:\office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - f:\office14\ONBttnIE.dll/105 TCP: Interfaces\{7D2D2483-A8C5-44C1-8BAF-3A247BA7FA2D}: NameServer = 192.35.246.1,192.35.246.2 DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab FF - ProfilePath - c:\documents and settings\nuno\Application Data\Mozilla\Firefox\Profiles\crjh795d.default\ FF - prefs.js: browser.startup.homepage - hxxp://www2.inescporto.pt/ FF - prefs.js: keyword.URL - hxxp://bwrk.startya.com/s/?src=FF-Address&site=Yahoo!&cfg=2-490-0-0&q= FF - prefs.js: network.proxy.ftp - proxy.inescporto.pt FF - prefs.js: network.proxy.ftp_port - 3128 FF - prefs.js: network.proxy.gopher - proxy.inescporto.pt FF - prefs.js: network.proxy.gopher_port - 3128 FF - prefs.js: network.proxy.http - proxy.inescporto.pt FF - prefs.js: network.proxy.http_port - 3128 FF - prefs.js: network.proxy.socks - proxy.inescporto.pt FF - prefs.js: network.proxy.socks_port - 3128 FF - prefs.js: network.proxy.ssl - proxy.inescporto.pt FF - prefs.js: network.proxy.ssl_port - 3128 FF - prefs.js: network.proxy.type - 1 FF - user.js: network.cookie.cookieBehavior - 0 FF - user.js: privacy.clearOnShutdown.cookies - false FF - user.js: security.warn_viewing_mixed - false FF - user.js: security.warn_viewing_mixed.show_once - false FF - user.js: security.warn_submit_insecure - false FF - user.js: security.warn_submit_insecure.show_once - false . - - - - ORFÃOS REMOVIDOS - - - - . MSConfigStartUp-MessengerPlus3 - c:\program files\Messenger Plus! 3\MsgPlus.exe AddRemove-Reserva_is1 - f:\reserva\unins000.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2011-10-20 11:01 Windows 5.1.2600 Service Pack 3 NTFS . Procurando processos ocultos ... . Procurando entradas auto inicializáveis ocultas ... . Procurando ficheiros/arquivos ocultos ... . Varredura completada com sucesso arquivos/ficheiros ocultos: 0 . ************************************************************************** . --------------------- DLLs Carregadas Sob os Processos em Execução --------------------- . - - - - - - - > 'lsass.exe'(744) c:\windows\system32\EntApi.dll c:\windows\system32\WININET.dll . Tempo para conclusão: 2011-10-20 11:07:00 ComboFix-quarantined-files.txt 2011-10-20 10:06 . Pré-execução: 3 581 452 288 bytes free Pós execução: 5 991 075 840 bytes free . WindowsXP-KB310994-SP2-Pro-BootDisk-PTB.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons UnsupportedDebug="do not select this" /debug multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn . - - End Of File - - BA7011340F99787794426B34B29D7552 |
|||
|
|
« Mais Antigo | Mais Recente »
|
Utilizadores a ver este tópico: 2 Visitante(s)